October 10, 2025 • 43 mins
Miriam Swedlow, Associate, Davis Wright Tremaine LLP, Ryan Belton, Senior Counsel, PeaceHealth, and Kris Deyerle, General Counsel, Confluence Health, explore the tools the government uses to initiate and conduct potential enforcement actions and best practices for health care organizations to mitigate risk. They cover audits, subpoenas, civil investigative demands, and search warrants. Miriam, Ryan, and Kristie spoke about this topic at AHLA’s 2025 In-House Counsel Program in San Diego, CA.
Watch this episode: https://www.youtube.com/watch?v=PqtMI8t_8-8
Learn more about the AHLA 2025 In-House Counsel Program that took place in San Diego, CA: https://www.americanhealthlaw.org/inhousecounsel
Essential Legal Updates, Now in Audio
AHLA's popular Health Law Daily email newsletter is now a daily podcast, exclusively for AHLA Premium members. Get all your health law news from the major media outlets on this podcast! To subscribe and add this private podcast feed to your podcast app, go to americanhealthlaw.org/dailypodcast.
Stay At the Forefront of Health Legal Education
Learn more about AHLA and the educational resources available to the health law community at https://www.americanhealthlaw.org/.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
SPEAKER_00 (00:04):
This episode of AHLA Speaking of Health Law is
brought to you by AHLA membersand donors like you.
For more information, visitAmericanHealthlaw.org.
SPEAKER_01 (00:16):
Hi hi, and welcome to everyone out in AHLA podcast
land.
Today we're going to beexploring how healthcare
organizations handle enforcementwhen it lands on their doorstep.
My name is Miriam Swedlo.
I'm an associate in thehealthcare practice group at
Dance Right from Maine.
(00:37):
A large part of my practiceinvolves advocating on behalf of
hospitals, health systems,healthcare entities, and
providers who are facing actualor threatening government
enforcement actions.
Joining me today is Ryan Beltonand Chris Dyerley.
The three of us had the pleasureof presenting on this topic at
(00:57):
the recent AHLA in-house programthat happened on June 29th in
beautiful, lovely San Diego.
Before we delve into ourconversation about that
presentation and points of thatpresentation, Chris, Ryan, why
don't you share a little bitwith the audience some of your
(01:18):
background?
SPEAKER_02 (01:20):
I would be happy to.
My name is Chris Dyerley.
I'm the General Counsel ofConfluence Health, a rural
integrated health care deliverysystem in North Central
Washington.
SPEAKER_03 (01:32):
Ryan?
Yeah, thanks, Chris.
I'm Ryan Belton.
I'm senior counsel at PeaceHealth.
It's a Catholic nonprofit healthsystem.
We're based in Vancouver,Washington, and have operations
uh through Oregon, Washington,and Southeast Alaska.
And uh to just succinctlydescribe my role here, I'll just
say I'm operations counsel.
(01:52):
I work closely with ourcompliance regulatory and risk
departments among others.
So with that out of the way,like Miriam said, we're talking
about um uh governmentenforcement and and some of the
tools they use.
Uh in our uh June presentation,we focused on a handful of tools
(02:14):
that regulators may employ.
Um think audits, subpoenas,civil investigative demands,
search warrants, and some of thebest practices uh for how we
respond to those.
Um and that's what we'll befocusing on today.
So uh we'll jump right in andstart with with audits.
Um, Chris and Miriam, as youknow, there are several types of
(02:35):
audits, including RAC, Mac,CERT, UPIC, uh you can have OIG
audits, OCR audits.
Uh I thought it might be helpfulfor our audience to give a
quick, just kind of high-leveloverview of some of the common
audit types you've encountered.
And and Chris, maybe sinceyou're in-house and and
(02:56):
oftentimes audits are handledin-house, can you tell us some
about uh about some of theaudits you've dealt with and
what distinguishes them one fromanother?
SPEAKER_02 (03:06):
Certainly.
I think over my tenure I'vereceived audits from almost
every governmental agency thatissues audits, um, starting with
like CMS, the IRS audits, RACaudits, OIG audits, OCR audits.
Um, generally, the audits I'vereceived for the most part have
(03:28):
been, thank goodness, uh,routine, non-targeted reviews by
agencies, particularly CMS orthe IRS.
These those audits have beenprimarily administrative in
nature.
We have received RAC audits aswell, which are also fairly
targeted, but smaller in scale,not the huge RAC audits that
(03:48):
we've seen.
Um, unfortunately, I have beenthe recipient of some OIG
audits.
They've been a little moretargeted with more of a federal
regulatory slant to them.
Um and I have received been therecipient of some OCR audits
(04:09):
coming in to look at ourpractices with regards in
particular to providing care tothose who English is not their
primary language.
Um, in today's regulatoryenvironment, I find that being
the recipient of these kinds ofaudits a little more stressful
than I ever used to because it'snow that the government is
(04:31):
extremely focused on fraud inhealthcare, there's always the
concern that one governmentagency will share the results of
an audit or share what theyreceive in response to an audit
with other governmentalagencies.
SPEAKER_01 (04:48):
Yeah, I think that's an excellent um point, Chris,
because we do know that there'syou know, you know, more and
more collaboration on thegovernment side.
So what kind of feels like itcould be pretty benign could
suddenly escalate quicker behindthe scenes that you don't know
about and and with the I thinkthe fact that the government's
(05:10):
really relying also so heavilyon technology and like massive
data sweeps and things likethat.
So yeah, that's an excellentpoint.
SPEAKER_03 (05:20):
Yeah, thank you both.
Um Miriam, what what are maybesome best practices that that
apply across the board?
We talked about, you know, uhChris just mentioned a lot of
different types of audits, butacross the board, what are some
best ways to approach them?
SPEAKER_01 (05:34):
Yeah, I mean, I think you'll hear a lot of these
same, you know, we know likethese are a lot of the same
themes across all of these,right?
You know, you want to respondtimely, you want to be
professional when you're dealingwith the government.
So right away let them know thatyou've received it, acknowledge
receipt, um, and then take alook at it, really carefully
review what you have, who's whatagency has issued it, what are
(05:55):
they asking for.
Um, then you want to involvelegal counsel, whether that's
internal, which is likely goingto be the case, um, you know,
right off the bat, and then yourinternal legal counsel can
assess whether it makes moresense, makes sense to also
collaborate with outside counselgiven potential risk that might
get that might arise from the umaudit itself.
(06:18):
You want to make sure thatyou're documenting everything.
Like you want to make sure thatif somebody comes back and asks
you what you did, you cancoherently be able to tell them
what happened and and the stepsthat were taken.
Um, and you know, from myperspective, I just think it's
always very helpful and criticalto just not be in free, uh not
(06:39):
be hesitant to engage with thegovernment and have it be a
conversation and rather thanjust kind of reacting
defensively.
SPEAKER_03 (06:49):
Yeah, that's great.
Um, thanks for that.
So um I thought we'd just runthrough one of the uh examples
we used in our presentation asan illustration.
So, Chris, allow me to set thetable for a second.
Um let's suppose that you're inhouse counsel for a nonprofit
hospital with 300 beds, and youreceive notice of an OIG target
(07:11):
uh audit that's targeting someinpatient rehab claims for
medical necessity, codingaccuracy, physician
certifications, dischargedocumentation and the request uh
or the notice requests 40 randomclaims and gives you 30 days to
respond.
So with with the uh with allthat information, what what's
(07:36):
your first move as counsel?
SPEAKER_02 (07:40):
So initially I look at the audit request and I see
what its scope is and and try toascertain is this a targeted
request of us or is thissomething that's a general
request at this governmentagency that they're doing to
more than one provider?
If I feel it's a targetedrequest, I'm initially going to
engage outside counsel to assistme with this audit.
(08:03):
At the same time, I might beengaging outside counsel.
I'm going to be working with mycompliance team and potentially
my risk management team togather whatever documents are
responsive to this request sothat we can begin reviewing them
internally to see if there'sgoing to be any kind of issue
with the documents that we'returning over.
(08:25):
Even if I haven't engagedoutside counsel in the first,
you know, the first blush, if Isee anything that may be
concerning and what I'm going toask to turn over, I'm going to
engage outside counsel to helpme frame whatever I'm sending
out.
SPEAKER_03 (08:45):
So as as a follow-up to the first thing you said
there and trying to ascertainwhether whether you're being
targeted, um what ways have beenhelpful for you to find out that
information?
Are you plugged into local umhospital associations?
Are you calling council?
(09:06):
Are you calling you know phone afriend at a different
organization?
What what's your approach there?
SPEAKER_02 (09:14):
From my perspective, I would probably reach out to
the hospital association.
At the same time, I'm reachingout to outside council.
They generally, outside councilhave their ears open and they're
they're hearing more than I'mhearing in North Central
Washington.
So I rely on them to have therelationships with the
government officials, folksworking in the government
(09:37):
sphere, um, connecting withtheir other out, you know,
council resources to know what'sgoing on in the industry.
SPEAKER_01 (09:46):
I would imagine the the the type of audit and the
requests that are being askedfor also might give you some
sense.
You know, if it seems very,very, very targeted and specific
to your organization or someevents that have happened or
whatnot, it's much more likelyto be, you know, okay, this is
(10:06):
they're looking for something orconcerned about something as
opposed to um, you know, there'sbeen something published by the
OIG of an area that they arelooking, you know, that they're
recommending focus.
And then three months later youget hit with an audit and you're
like, okay, that's you know,this sounds sounds quite
routine.
SPEAKER_03 (10:23):
Yeah.
So so Miriam, um, as outsidecounsel, assume you get that
call from Chris, what whatthings are you focusing on?
SPEAKER_01 (10:33):
Uh well, I mean, I would, you know, like I like if
you know, you definitely want toknow and understand kind of what
they're what they're asking for.
Um, I, you know, I my first kindof engagement would be what is
the inter what is my insidecouncil, my in-house counsel
concerned about?
Um, they're that they have, youknow, they know kind of, you
(10:54):
know, much more information thanI do.
And if they have specificconcerns, I need to be aware of
those and kind of follow thosedown.
Also, in-house counsel is goingto be extremely helpful in in
helping to understand thestakeholders on the other side
and who's who's going to beeasier to get information from
and maybe where the roadblocksmight arise in actually like
gathering and responding to theaudit requests.
(11:17):
And really just collaborating toget a game plan.
Do we need to ask for anextension?
Do we, you know, has has hasthere already been engagement
with the government, or do weneed to make that as as quickly
as possible?
Things like that, kind of, youknow, just really like setting
it up as, you know, here's whatwe have, let's let's create a
game plan and where we go fromthere.
(11:38):
Um so okay.
SPEAKER_03 (11:41):
And I wanted to maybe just explore one of the um
the wrinkles that we had throwninto our presentation
hypothetical.
Um and in the interest of time,we probably can't get to all of
them, but one was you know, inin responding to the audit, you
know, the team discovers thatthat some of the records may not
(12:01):
meet medical necessity.
Um Mira, maybe you can talk alittle bit about you know what
what to do in that kind of asituation to mitigate any
potential exposure.
SPEAKER_01 (12:12):
Yeah, I mean, I think that's always you know the
the dread, right?
You you're compiling documentsto turn over, and suddenly in
your review before pulling themout, you recognize, oh my gosh,
there's been some errors orthere's some bad facts here.
Um and I mean I you know factsare what they are, you know, and
and at least when you know, thehelpful thing is if there are
(12:33):
bad facts, we want to know thembefore those facts are turned
over to the government.
And so um so knowing about themis extremely helpful.
And we'd much rather um havethat said, we can then decide
what steps need to be taking.
Do we start resolving, do westart making internal changes?
Uh is it a systemic thing or isit just inadvertent errors?
(12:56):
And then of course, when you'returning over information to the
government, you want to be ableto have a narrative and an
explanation.
Okay, here's here's what wediscovered, here's what's been
done, here's what we don't thinkthat it's a problem that the
government needs to be concernedabout, right?
Um and so you know, the key isas you, you know, if we can
control that narrative as bestas we can, that's going to be
(13:20):
much more helpful than being onthe back foot and just
responding to to kind ofpeppered questions from the
government.
Plus, you're offering upgoodwill, you know, you're
showing the government we'renot, you know, we're not trying
to hide anything here.
We're wanting to work with thegovernment, we want to make sure
that there's no concerns.
SPEAKER_03 (13:39):
Yeah, all really, really helpful advice.
Um in interest of time, uhMiriam, maybe you can walk us
through some of the theadditional fun tools that uh
right.
SPEAKER_01 (13:52):
Like the what we what we want, we do not want an
audit to lead to next.
SPEAKER_03 (13:57):
Right, right, right.
Yeah, so what comes next?
SPEAKER_01 (14:00):
So so one of the you know big areas that that um we
talked about in ourpresentation, and of course,
unfortunately, healthcareentities have to kind of contend
with in dealing with governmentthreatened actual um
investigation tools, are ofcourse the subpoena or the civil
investigative demand or CID,which are very, very similar,
(14:22):
but of course there are keydifferences um between the two.
Um, Ryan, why don't you describesome examples of CIDs and
subpoenas that are typicallyseen within the um healthcare
space?
SPEAKER_03 (14:37):
Sure.
Um so you know the one that Ithink everybody dreads is you
know, if you're underinvestigation for uh uh an
alleged false claims actviolation, um then I think you
can expect to see a CID issuedby uh the Department of Justice.
Um also, you know, stateattorneys general offices may
(15:02):
issue either a subpoena or aCID, just depending on on you
know what stage uh you may be inin litigation.
Um courts as well can issue uhsome civil subpoenas as part of
uh litigation that you might bea party to.
And then uh even if you're not aparty, uh you may receive
(15:23):
third-party subpoenas maybe froma regulatory agency that uh
perhaps they're um investigatinguh an entity that you've done
business with and they want tounderstand more about what uh
what transpired as part of thosetransactions.
So those are those are a few.
SPEAKER_01 (15:41):
Yeah, yeah.
I mean, and especially I wouldimagine for hospitals that uh
that license professionals, thenthere's all the professional
licensing bodies that that whenthey're investigating an
individual, then they might cometo the to the employer or
hospital to seeking records aspart of uh through a third-party
subpoena if necessary, um, youknow, things like that.
(16:05):
So Chris, um in your experience,what are best practices you have
employed when responding to asubpoena or a CID?
SPEAKER_02 (16:17):
So in general, when I receive a subpoena or a CID,
which I hopefully will neverreceive from the DOJ, although I
can't count your chickens.
Um I generally look at thesubpoena and try to ascertain
the scope and whether or notthis again, like your audits, is
it targeted or just general?
(16:38):
Am I the target of this subpoenaor am I a third party that the
government's just seekinginformation from?
Um so I look at the scope.
Does it seem overly broad?
Is it a narrowly focusedsubpoena?
And then I'm trying to ascertainwho within my organization do I
have to reach out to to get thatinformation.
(17:02):
So I'm thinking about who'sgoing to be on my team to help
pull together the informationthat's being requested.
Um, and then another thing I'mlooking at is are they
requesting PHI?
Because oftentimes then thatrequires another level of
scrutiny, not only on my end,but engaging outside council to
(17:25):
try to narrow the scope, maybe,or ensure that this governmental
request meets all the state andfederal requirements under HIPAA
for releasing medical records.
Um that's generally first stepsfrom my end.
Um in general, if I'm getting asubpoena for documents from a
(17:48):
federal agency, I of course amreaching out to outside counsel
to help me with that request,particularly if it's an if it's
a broad request.
Um, because my hope is that theywill be able to narrow it and
streamline that request.
unknown (18:05):
Yeah.
SPEAKER_03 (18:06):
Yeah, and I I I I'll just add one thing.
I think you know, Chris hit iton the head, convening the right
team, um, super important, uh,including you know who may be
the custodian of the recordsthat are being requested and
making sure that we um wepromptly get out some kind of a
preservation documentpreservation notice or memo or
(18:26):
or lid hold um so that you knowwe can we can keep those and and
respond.
SPEAKER_02 (18:34):
Yeah, I find that government the government
subpoenas that I have receivedseem to um the government has a
different idea of my documentinfrastructure.
Um they seem to assume that wehave an integrated document
management system, so I can justput out a litigation request
(18:55):
hold request and you know I canpull all the relevant
information quickly.
And although that may be true inmy organization with regards to
say emails or you know, the textmessages that are done through
our team system, we don't have adocument management system.
So I need to identifyindividuals who I think may have
(19:18):
responsive documents, reach outto them to see who they think
may have responsive documents,and then kind of do a broad
blast email explaining why Ineed you to preserve these
documents.
Um we were in receipt of asubpoena.
This is what I need you to do,and then field all the questions
that come back.
(19:39):
Right.
SPEAKER_01 (19:40):
Right.
I think it I think one of thethings you put you you commented
on, and like the government hasthese, has this like view of
what uh an entity's capabilitiesare.
And the other thing I think theyforget is you know, they'll
sometimes issue the its requestsand it's just it's a massively
long timeline.
And they forget the usertechnology, like you have to
(20:02):
call together.
Sometimes you might have hadlike a whole new system, you
might have a hospital might havebeen affiliated or acquired,
people come and go.
And so it's not just like easyto test you know, start the
three.
Everything's fine, you know,it's like you've got like so
many hurdles that um then haveto kind of be navigated through,
(20:22):
but also then like communicatedto the to the government and and
explained of like you know,mitigating expectations,
managing expectations on theirside, you know.
Um always a delicate delicatebalance.
Uh Ryan.
SPEAKER_02 (20:43):
I think that's particularly true when the
subpoenas are broad and they'reasking for information and your
IT team is throwing out wordsearches and you're getting
back, oh look, there are 10,000emails that fit in that is, and
it's you can't possibly searchthrough them all.
SPEAKER_01 (21:00):
Yeah.
So well, and then and then whenyou when there is that
expectation of of a broad ESI,you know, kind of trying to try
like it's just such anextraordinary cost burden for
organizations and trying to youknow really like show that to
the government when they're youknow, especially if it's a you
know, just it just feels like aneffort of utility sometimes.
(21:24):
But um, that's one of the youknow, it is it is a frustration
in dealing with the governmentbecause in in this type of space
where it it's very differentthan normal litigation, civil
litigation where discovery iskind of an equal playing field.
Um, you know, kind of there's akind of exchange of information.
(21:45):
Um in these types of scenarios,the posture is very different.
The government knows what it'sinformation it has, but as the
responding entity, you don'tknow what they have.
You don't know kind of whattheir you have a sense of, you
don't really know what theirconcerns are, and they hold all
the power.
Um, and so it's just it's extit's psychologically just very
(22:09):
and and and operationallyextremely frustrating in my in
my experience.
So um, Ryan, um you mentionedlitigation holds and and Chris
you did as well in our um in ourscenario that we kind of walked
through during our presentation,our healthcare, our exampler
(22:30):
healthcare entity, RitualHealth, did make some, let's
say, missteps in in issuing itslitigation hold following the
receipt of a subpoena from HHSORC.
Um can you both kind of weigh inon um you know like just factors
that and things that you need tothink through uh in approaching
(22:52):
the organization with alitigation hold?
SPEAKER_03 (22:57):
Sure.
I think um, you know, as Chrismentioned earlier, just the
biggest one of the biggestthings is just identifying who
the uh audience is and who isgonna have responsive documents.
Um you know, we don't want to beover-inclusive in notifying, you
know, everybody in theorganization that um that we
(23:20):
have this investigation goingon.
Um I think also uh just tryingto educate them a little bit on
on how it works and and the needto preserve those um you know
folks can get a little bitexcited um when they uh get a
(23:42):
notice like that.
Um and you know, you want to beable to try to curb water cooler
talk and and gossip and thingslike that.
And so just helping themunderstand um, you know, that
hey, this is part of business,but you know, we also need to
just kind of keep you know umkeep things confidential that
(24:06):
need to be cut confidential andand uh proceed that way.
SPEAKER_01 (24:10):
Yeah, it's like this this tightrope of like, I need
to give you enough informationso that you can make sure that
we're holding on to what we needto, but I don't want to give you
so much information to freak youout and cause complete chaos in
the organization.
Exactly.
Um so another thing that wetalked about in our breach well
(24:31):
scenario was that in thatscenario, OCR, as part of
subpoena issued interview umsubpoenas with some of the
employees.
Um, what are some considerationsum that um you kind of have to
keep in mind when you have thegovernment wanting to speak to
employees or other stakeholdersduring the course of an
(24:53):
investigation?
SPEAKER_02 (24:56):
So, my general rule of thumb, if the government
wants to interview my employeesto quickly loop in outside
counsel and be it outsidecounsel that is engaged to
represent that individualemployee specifically, and I, as
the employer, just kind ofpaying the bill and they have
(25:16):
that one-on-one relationshipwith the attorney or something
more general.
But I because employees, that'snot what this is not what they
do in their general course ofbusiness is get interviewed by
government officials, and itthey're very nervous, they want
to do anything possible to avoidit.
So engaging outside counsel tohelp walk them through the
(25:40):
process, um, prep them for anyinterview and be with them
during the interview, I think isintegral.
Um, it also gives me an ear towhat's being said and what's
being asked.
So I find that very important.
And since I'm not a litigator, Iand I don't deal with government
investigators on a regularbasis, thank goodness it's I
(26:02):
need outside counsel to do thatfor me.
Yeah, Ryan, you just have do youhave any other not really.
SPEAKER_03 (26:10):
I'll I'll echo everything that Chris just said.
Yeah.
SPEAKER_01 (26:13):
Yeah, I you know, I think it's like, you know, it's
so stressful to be interviewed,especially if it's if in a CID
or for there's some, you know,you've got a court reporter, or
if there's it's very formalizedand and whatnot.
Um and so there's it's helpfulto have outside counsel, some
counsel there with the employeeto just be an advocate for them
(26:36):
in the room.
Like even if it's unnecessary,my experience, the government is
you know, they're all decentpeople and they're not there to
beat up on the employees and umbehave pretty, you know,
respectfully.
Just knowing that there'ssomebody there on like to
advocate for you is veryhelpful.
Of course, it's very beneficialfor the organization to know
(26:56):
what questions were asked, kindof what the tone is, you know,
kind of what do they focus onand things like that.
SPEAKER_03 (27:02):
Well, I I will jump in just to say, you know, in my
experience, it has been helpfulto have the outside attorney,
and and I felt I've had maybesome value add in just being the
the trusted, you know, I havethe relationship with that
client.
And and so just uh I'm able atleast to reiterate um some of
what counsel's saying, and andyou know, the the advice I give
(27:25):
is general, um but it it'sgenerally, you know.
Um you want to be you don't wantto be hostile to the regulator
um coming in.
You also don't need to be superhelpful and and do their job for
them.
You don't need to offer them youknow more than what they're
asking for.
SPEAKER_01 (27:44):
Um I think my my two golden rules are be honest,
right?
Like I think it's you can neverunderestimate the power of
telling somebody we want you tobe honest, right?
Um, but also letting them knowyour your only obligation is to
answer the question asked.
So answer the question askedhonestly, and that's that's kind
(28:08):
of like the fundamental kind ofthing.
But but yeah, you know,definitely very helpful um space
to have outside counsel.
And you definitely don't want todo like our dear client did in
our um our example a case studyand just have the employees
interviewed without anyengagement prior uh by um
(28:30):
internal or external counsel.
So um I think that let's likethat's you know moving away from
our you know kind of controlledand um you know intense but
controlled enforcement actions.
Uh the last uh tool that wetalked about was search
(28:50):
warrants.
So I'm gonna turn that over toyou, Chris.
SPEAKER_02 (28:55):
Yeah, so search warrants can be a little more
stressful than the subpoenas orCIDs that you receive where you
have time to actually formulatea response versus a search
warrant.
Um they the individuals show upin person and they want to do
their searches at that time.
(29:17):
So search warrants generally canbe issued both by judicial or
administrative agencies.
Um they are supported byprobable cause, but they are
served during business hoursusually and in person.
So that and there's typically nonotice that you're going to be
served with a search warrant.
(29:39):
Um the only benefit to a searchwarrant warrant, unlike a CID or
a subpoena, is it is limited toin search to the person or place
that's identified in the searchwarrant on the time of the
search and the items to besearched.
So, Ryan, with all thatbackground, is in how Council,
(30:00):
what are your key practices whenyou're faced with a search
warrant?
SPEAKER_03 (30:06):
Yeah, you know, preparation is really the name
of the game.
Um, we've we've done a lot ofwork at Peace Health with
frontline employees andleadership, just educating them
on how to respond.
And we've got a bit of aplaybook.
Um and an important criticalpart of that playbook is you
(30:26):
know contacting legal as as soonas possible.
And we've gone so far as to uhset up actually a legal hotline
in our organization that thelegal department staffs uh 24-7.
SPEAKER_01 (30:43):
I think that's that's awesome.
You go, you you you're not aclinician, so you don't have to
be on call, but yet you you'reon call anyhow.
SPEAKER_02 (30:54):
So, Miriam, for in-house counsel, what what do
you think are should be ourimmediate actions upon receipt
of a search warrant?
SPEAKER_01 (31:04):
Well, um, certainly you want to look at that
warrant.
So you want to get thecredentials of the the
enforcement agents that arethere at the scene.
So, you know, you you want tomake sure you're professional,
you don't want to beobstructionist, but you also
like, you know, want to verifylike let me see your credentials
and that you I think I know thatyou are authorized to be here.
Let me look at the searchwarrant.
(31:26):
I want to see the issuing orderthat is giving the authority for
you to be here unannounced.
And then of course, becausethey're technically limited to
the scope of what is in thatsearch warrant, um, what is it?
And and and how do you make sureto kind of pen them in so that
they're not trying to push theboundaries of that?
(31:48):
Um and then I think, you know,let's all be honest, like you're
healthcare entities, you'reproviding care to patients.
And so you're also wanting tomake sure that you're working
with the team to make sure thatcare is not disruptive and the
and that the priority of yourorganization to be able to care
for people is not severelyinterrupted by this kind of
(32:10):
government um enforcementaction.
SPEAKER_02 (32:18):
Ryan, so what kind of instructions do you give your
employees regarding searchwarrants?
I mean, in addition to theirfirst call should be to the
legal hotline, it's gonna take awhile for that legal rep to show
up there.
So what kind of tools or techtricks are you giving them to
handle an impatient um lawenforcement officer who's
(32:42):
wanting to execute on his searchwarrant?
SPEAKER_03 (32:45):
Yeah, a lot of it uh is exactly what Miriam just
said.
You know, it's first andforemost remain calm and
professional.
Um ask for identification,verify who they are and ask for
their documentation, look atwhat they're needing to get at,
um, and and then getting that infront of counsel as as quickly
(33:08):
as possible so we can assess,you know, is this an
administrative subpoena or uhwarrant?
Is this a judicial searchwarrant?
Um, you know, and then once itis being executed, uh assuming
all that stuff kind of checksout, um then it's really you
(33:29):
know, for our our leaders ummore than our frontline staff to
um be there and to follow thelaw enforcement official, um,
you know, try to document asmuch as you can about what is
being collected and obtained anduh making a log of of what
they're taking and things likethat.
(33:52):
Um I will add, you know, uh Ithink Miriam touched on this as
well.
You know, maybe the case thatlaw enforcement officer just
isn't wanting to wait around umfor legal to to verify what he's
after and and um is perhaps youknow aggressive.
(34:12):
And and in those situations, ourour recommendation is you know,
we'll deal with the falloutlater, but but don't be you know
obstructionist, don't don't tryto intervene and and preclude
them from executing, um, becausebecause that can have some
pretty serious consequences aswell.
SPEAKER_01 (34:33):
Yeah, and that's where that's where that that
instruction to document is sohelpful.
Like you know, if you can, likeactually assigning one person,
like you're responsible for justwriting down, tracking what was
said, how is it responded, whatif what, you know.
So if you had that kind of pushyofficer who, you know, was just
(34:54):
gonna, you know, take care ofbusiness, that you're like
documenting kind of the dialogueof that there was a request to
wait for labeling or not, or ifthere is a an action that
exceeds the scope, you know,there's some documentation of
that they were alerted to thefact that they were exceeding
the scope and why, and then thefact that they continue to take
(35:17):
the process.
But it's it's obvious it's notgoing to help help the
organization to like get intoyou know a bull's match with um
executing officers.
As you said, it's better to kindof just make sure you document
it and deal with it in theaftermath and just be the one
who's who's being cooperative.
SPEAKER_02 (35:38):
So, in that case study we used at the AHLA
conference, a billing supervisordirected agents to files that
were not included in the warrantbecause she knew they were
likely responsive to theconcerns that were raised in the
warrant itself.
So, Ryan, give us your thoughtson what is the risk of when
(36:01):
employees expand the scope of asearch warrant.
SPEAKER_03 (36:05):
Yeah, I think whether it's you know expanding
the scope of a warrant or youknow, volunteering information
during uh an interview as partof a CID or subpoena, uh it's
really the risk is letting theproverbial camel's nose into the
tent, right?
Once once the camel's in there,um who knows what they're gonna
(36:27):
want to see in in addition towhat was in the warrant.
So um I I think making surestaff know to um, you know,
again, not be overly helpful umuh is is really important.
SPEAKER_01 (36:45):
Yeah, it's it's one of the it's like so against
human nature, right?
Like our nature is to like, wewant especially in the
healthcare world, right?
You're there to help people,like you know, and so so just
letting staff know, like, we'renot asking you to be a jerk,
we're not asking you to do this,but at the same time, don't do
the government's job for them.
They are asking you for specificthings or asking you these
(37:06):
questions, answer thosequestions, give them those
documents.
You don't have to do anythingmore than that.
And it's and it I think it'sreally hard to do in practice,
but it is I think it's alwaysgood to just remind people, you
know, like you know, you don'tyour good intention might have
some significant consequences,but just you know bring it in
(37:32):
for those types of things.
Dealing with challenges is whatyou guys do on a day-to-day
basis, right?
So um and you know, kind ofthinking about search warrants,
I think given the currentadministration's aggressive
stance, uh, shall we stay onimmigration?
I'm curious about how um yourorganizations are kind of
(37:55):
approaching um, you know, kindof being prepared for this
heightened level of enforcementfrom the federal government.
SPEAKER_02 (38:04):
So my organization, like Ryan's, we've instituted a
program where if if immigrationenforcement officials show up,
like any other legal enforcementofficial with a search warrant,
they're to immediately calllegal counsel.
Um, unlike Ryan's organization,I am it.
(38:24):
So it's either calling me orcalling risk management, and
staff have my cell phone numberto call me 24-7.
But we've also taken a lot ofefforts to distinguish what is
public space versus what isprivate space, um, so that we
can kind of restrain whereimmigration enforcement
(38:46):
officials may go.
Um, we want to try to keep themout of the patient face, the
patient spaces themselves.
Um, we've also educated staffquite a bit on that they have
the right to remain silent.
They don't have to be answeringquestions posed by immigration
enforcement officials or anylegal officials.
(39:08):
They can, you know, wait forlegal counsel to arrive.
Um, but they should not beobstructionists either.
And that doesn't mean we have toactively help them, we just
can't hinder a search.
So, but then staff has also beencautioned not to interfere with
(39:30):
what law enforcement chooses todo.
So if they want to blow past,don't physically obstruct them
from going into areas that wemay have told them other that
they should not be entering.
Um, and it's a lot of trainingstaff on what patient rights
are, what legal rights are, whatinformation we can disclose,
(39:53):
what information we can'tdisclose.
So it's been a lot of training.
Um, we do encourage them todocument all law enforcement
interactions, clearly write downif they're taking things, what
they're taking.
We do have surveillance camerasin the non-patient areas, so
they will be recording and wewould keep those surveillance
(40:13):
recordings.
SPEAKER_01 (40:14):
Yeah.
Yeah, so you know, a lot of thesame recommendations, um, but
definitely very, very front andcenter unfortunately right now
that uh so many organizationsare kind of struggling with.
So um, well, you know, I thinkwe've discussed various
(40:35):
enforcement tool tools and umand things.
Um is there any kind of lastminute kind of takeaways that
you wanted to share with theaudience?
SPEAKER_03 (40:47):
I'll say if I, you know, kind of boiling it down, I
think I think you've heard somethemes today, but I think you
know, when you receive uh anykind of of notice, you know,
from the government, um it'simportant to to acknowledge
receipt in a timely manner, toreally look and understand the
scope of it, um, you know, getit an extension if you need and
(41:11):
and you know really document uheverything and coordinate with
the right the right team and theright stakeholders.
SPEAKER_02 (41:19):
Chris?
Yeah, uh another key takeaway ismake sure your staff know to get
legal involved immediately whenany of these actions occur,
tools are used.
And when warranted, engageoutside counsel.
They can be your best friendswhen these situations arise.
SPEAKER_01 (41:37):
Yeah, yeah.
Um and and yeah, just kind oftalking about these things
before they happen.
Um, you know, you can't controlwhen you're going to receive an
enforcement action, um, but youcan control how prepared you are
to respond.
Um I want to thank both of youagain for your time, for your
(41:59):
expertise on these topics onlike working with me on putting
together that presentation.
Um, and Chris at the very lastminute being willing to jump in
when we had a last-minute umpanelist who couldn't come.
Um absolutely am fully ingratitude uh to you for that.
Being a co-presenter with bothof you was um highlight for me
(42:23):
this year at the in-houseprogram, which was fantastic.
And um, so we wanted to use thisopportunity to remind the
audience that next year'sin-house program and the ADLA
annual update is gonna be in NewYork City.
So, excellent conference,exceptional city.
(42:43):
I think it's gonna be epic.
Um, so hopefully everyone willbe able to um take advantage of
it.
And again, thank you both.
SPEAKER_03 (42:54):
Thank you, Miriam.
It was a pleasure.
SPEAKER_01 (42:56):
Thank you.
Thank you.
SPEAKER_00 (43:03):
If you enjoyed this episode, be sure to subscribe to
AHLA Speaking of Health Lawwherever you get your podcast.
For more information about AHLAand the educational resources
available to the health lawcommunity.
Visit americanhealthlaw.org andstay updated on breaking
healthcare industry news fromthe major media outlets with
AHLA's Health Law Daily Podcast,exclusively for AHLA
(43:24):
comprehensive members.
Subscribe and add this privatepodcast feed to your podcast
app.
Go to americanhealthlaw.orgslash daily podcast.
This episode of AHLA Speaking of Health Law is
brought to you by AHLA membersand donors like you.
For more information, visitAmericanHealthlaw.org.
SPEAKER_01 (00:16):
Hi hi, and welcome to everyone out in AHLA podcast
land.
Today we're going to beexploring how healthcare
organizations handle enforcementwhen it lands on their doorstep.
My name is Miriam Swedlo.
I'm an associate in thehealthcare practice group at
Dance Right from Maine.
(00:37):
A large part of my practiceinvolves advocating on behalf of
hospitals, health systems,healthcare entities, and
providers who are facing actualor threatening government
enforcement actions.
Joining me today is Ryan Beltonand Chris Dyerley.
The three of us had the pleasureof presenting on this topic at
(00:57):
the recent AHLA in-house programthat happened on June 29th in
beautiful, lovely San Diego.
Before we delve into ourconversation about that
presentation and points of thatpresentation, Chris, Ryan, why
don't you share a little bitwith the audience some of your
(01:18):
background?
SPEAKER_02 (01:20):
I would be happy to.
My name is Chris Dyerley.
I'm the General Counsel ofConfluence Health, a rural
integrated health care deliverysystem in North Central
Washington.
SPEAKER_03 (01:32):
Ryan?
Yeah, thanks, Chris.
I'm Ryan Belton.
I'm senior counsel at PeaceHealth.
It's a Catholic nonprofit healthsystem.
We're based in Vancouver,Washington, and have operations
uh through Oregon, Washington,and Southeast Alaska.
And uh to just succinctlydescribe my role here, I'll just
say I'm operations counsel.
(01:52):
I work closely with ourcompliance regulatory and risk
departments among others.
So with that out of the way,like Miriam said, we're talking
about um uh governmentenforcement and and some of the
tools they use.
Uh in our uh June presentation,we focused on a handful of tools
(02:14):
that regulators may employ.
Um think audits, subpoenas,civil investigative demands,
search warrants, and some of thebest practices uh for how we
respond to those.
Um and that's what we'll befocusing on today.
So uh we'll jump right in andstart with with audits.
Um, Chris and Miriam, as youknow, there are several types of
(02:35):
audits, including RAC, Mac,CERT, UPIC, uh you can have OIG
audits, OCR audits.
Uh I thought it might be helpfulfor our audience to give a
quick, just kind of high-leveloverview of some of the common
audit types you've encountered.
And and Chris, maybe sinceyou're in-house and and
(02:56):
oftentimes audits are handledin-house, can you tell us some
about uh about some of theaudits you've dealt with and
what distinguishes them one fromanother?
SPEAKER_02 (03:06):
Certainly.
I think over my tenure I'vereceived audits from almost
every governmental agency thatissues audits, um, starting with
like CMS, the IRS audits, RACaudits, OIG audits, OCR audits.
Um, generally, the audits I'vereceived for the most part have
(03:28):
been, thank goodness, uh,routine, non-targeted reviews by
agencies, particularly CMS orthe IRS.
These those audits have beenprimarily administrative in
nature.
We have received RAC audits aswell, which are also fairly
targeted, but smaller in scale,not the huge RAC audits that
(03:48):
we've seen.
Um, unfortunately, I have beenthe recipient of some OIG
audits.
They've been a little moretargeted with more of a federal
regulatory slant to them.
Um and I have received been therecipient of some OCR audits
(04:09):
coming in to look at ourpractices with regards in
particular to providing care tothose who English is not their
primary language.
Um, in today's regulatoryenvironment, I find that being
the recipient of these kinds ofaudits a little more stressful
than I ever used to because it'snow that the government is
(04:31):
extremely focused on fraud inhealthcare, there's always the
concern that one governmentagency will share the results of
an audit or share what theyreceive in response to an audit
with other governmentalagencies.
SPEAKER_01 (04:48):
Yeah, I think that's an excellent um point, Chris,
because we do know that there'syou know, you know, more and
more collaboration on thegovernment side.
So what kind of feels like itcould be pretty benign could
suddenly escalate quicker behindthe scenes that you don't know
about and and with the I thinkthe fact that the government's
(05:10):
really relying also so heavilyon technology and like massive
data sweeps and things likethat.
So yeah, that's an excellentpoint.
SPEAKER_03 (05:20):
Yeah, thank you both.
Um Miriam, what what are maybesome best practices that that
apply across the board?
We talked about, you know, uhChris just mentioned a lot of
different types of audits, butacross the board, what are some
best ways to approach them?
SPEAKER_01 (05:34):
Yeah, I mean, I think you'll hear a lot of these
same, you know, we know likethese are a lot of the same
themes across all of these,right?
You know, you want to respondtimely, you want to be
professional when you're dealingwith the government.
So right away let them know thatyou've received it, acknowledge
receipt, um, and then take alook at it, really carefully
review what you have, who's whatagency has issued it, what are
(05:55):
they asking for.
Um, then you want to involvelegal counsel, whether that's
internal, which is likely goingto be the case, um, you know,
right off the bat, and then yourinternal legal counsel can
assess whether it makes moresense, makes sense to also
collaborate with outside counselgiven potential risk that might
get that might arise from the umaudit itself.
(06:18):
You want to make sure thatyou're documenting everything.
Like you want to make sure thatif somebody comes back and asks
you what you did, you cancoherently be able to tell them
what happened and and the stepsthat were taken.
Um, and you know, from myperspective, I just think it's
always very helpful and criticalto just not be in free, uh not
(06:39):
be hesitant to engage with thegovernment and have it be a
conversation and rather thanjust kind of reacting
defensively.
SPEAKER_03 (06:49):
Yeah, that's great.
Um, thanks for that.
So um I thought we'd just runthrough one of the uh examples
we used in our presentation asan illustration.
So, Chris, allow me to set thetable for a second.
Um let's suppose that you're inhouse counsel for a nonprofit
hospital with 300 beds, and youreceive notice of an OIG target
(07:11):
uh audit that's targeting someinpatient rehab claims for
medical necessity, codingaccuracy, physician
certifications, dischargedocumentation and the request uh
or the notice requests 40 randomclaims and gives you 30 days to
respond.
So with with the uh with allthat information, what what's
(07:36):
your first move as counsel?
SPEAKER_02 (07:40):
So initially I look at the audit request and I see
what its scope is and and try toascertain is this a targeted
request of us or is thissomething that's a general
request at this governmentagency that they're doing to
more than one provider?
If I feel it's a targetedrequest, I'm initially going to
engage outside counsel to assistme with this audit.
(08:03):
At the same time, I might beengaging outside counsel.
I'm going to be working with mycompliance team and potentially
my risk management team togather whatever documents are
responsive to this request sothat we can begin reviewing them
internally to see if there'sgoing to be any kind of issue
with the documents that we'returning over.
(08:25):
Even if I haven't engagedoutside counsel in the first,
you know, the first blush, if Isee anything that may be
concerning and what I'm going toask to turn over, I'm going to
engage outside counsel to helpme frame whatever I'm sending
out.
SPEAKER_03 (08:45):
So as as a follow-up to the first thing you said
there and trying to ascertainwhether whether you're being
targeted, um what ways have beenhelpful for you to find out that
information?
Are you plugged into local umhospital associations?
Are you calling council?
(09:06):
Are you calling you know phone afriend at a different
organization?
What what's your approach there?
SPEAKER_02 (09:14):
From my perspective, I would probably reach out to
the hospital association.
At the same time, I'm reachingout to outside council.
They generally, outside councilhave their ears open and they're
they're hearing more than I'mhearing in North Central
Washington.
So I rely on them to have therelationships with the
government officials, folksworking in the government
(09:37):
sphere, um, connecting withtheir other out, you know,
council resources to know what'sgoing on in the industry.
SPEAKER_01 (09:46):
I would imagine the the the type of audit and the
requests that are being askedfor also might give you some
sense.
You know, if it seems very,very, very targeted and specific
to your organization or someevents that have happened or
whatnot, it's much more likelyto be, you know, okay, this is
(10:06):
they're looking for something orconcerned about something as
opposed to um, you know, there'sbeen something published by the
OIG of an area that they arelooking, you know, that they're
recommending focus.
And then three months later youget hit with an audit and you're
like, okay, that's you know,this sounds sounds quite
routine.
SPEAKER_03 (10:23):
Yeah.
So so Miriam, um, as outsidecounsel, assume you get that
call from Chris, what whatthings are you focusing on?
SPEAKER_01 (10:33):
Uh well, I mean, I would, you know, like I like if
you know, you definitely want toknow and understand kind of what
they're what they're asking for.
Um, I, you know, I my first kindof engagement would be what is
the inter what is my insidecouncil, my in-house counsel
concerned about?
Um, they're that they have, youknow, they know kind of, you
(10:54):
know, much more information thanI do.
And if they have specificconcerns, I need to be aware of
those and kind of follow thosedown.
Also, in-house counsel is goingto be extremely helpful in in
helping to understand thestakeholders on the other side
and who's who's going to beeasier to get information from
and maybe where the roadblocksmight arise in actually like
gathering and responding to theaudit requests.
(11:17):
And really just collaborating toget a game plan.
Do we need to ask for anextension?
Do we, you know, has has hasthere already been engagement
with the government, or do weneed to make that as as quickly
as possible?
Things like that, kind of, youknow, just really like setting
it up as, you know, here's whatwe have, let's let's create a
game plan and where we go fromthere.
(11:38):
Um so okay.
SPEAKER_03 (11:41):
And I wanted to maybe just explore one of the um
the wrinkles that we had throwninto our presentation
hypothetical.
Um and in the interest of time,we probably can't get to all of
them, but one was you know, inin responding to the audit, you
know, the team discovers thatthat some of the records may not
(12:01):
meet medical necessity.
Um Mira, maybe you can talk alittle bit about you know what
what to do in that kind of asituation to mitigate any
potential exposure.
SPEAKER_01 (12:12):
Yeah, I mean, I think that's always you know the
the dread, right?
You you're compiling documentsto turn over, and suddenly in
your review before pulling themout, you recognize, oh my gosh,
there's been some errors orthere's some bad facts here.
Um and I mean I you know factsare what they are, you know, and
and at least when you know, thehelpful thing is if there are
(12:33):
bad facts, we want to know thembefore those facts are turned
over to the government.
And so um so knowing about themis extremely helpful.
And we'd much rather um havethat said, we can then decide
what steps need to be taking.
Do we start resolving, do westart making internal changes?
Uh is it a systemic thing or isit just inadvertent errors?
(12:56):
And then of course, when you'returning over information to the
government, you want to be ableto have a narrative and an
explanation.
Okay, here's here's what wediscovered, here's what's been
done, here's what we don't thinkthat it's a problem that the
government needs to be concernedabout, right?
Um and so you know, the key isas you, you know, if we can
control that narrative as bestas we can, that's going to be
(13:20):
much more helpful than being onthe back foot and just
responding to to kind ofpeppered questions from the
government.
Plus, you're offering upgoodwill, you know, you're
showing the government we'renot, you know, we're not trying
to hide anything here.
We're wanting to work with thegovernment, we want to make sure
that there's no concerns.
SPEAKER_03 (13:39):
Yeah, all really, really helpful advice.
Um in interest of time, uhMiriam, maybe you can walk us
through some of the theadditional fun tools that uh
right.
SPEAKER_01 (13:52):
Like the what we what we want, we do not want an
audit to lead to next.
SPEAKER_03 (13:57):
Right, right, right.
Yeah, so what comes next?
SPEAKER_01 (14:00):
So so one of the you know big areas that that um we
talked about in ourpresentation, and of course,
unfortunately, healthcareentities have to kind of contend
with in dealing with governmentthreatened actual um
investigation tools, are ofcourse the subpoena or the civil
investigative demand or CID,which are very, very similar,
(14:22):
but of course there are keydifferences um between the two.
Um, Ryan, why don't you describesome examples of CIDs and
subpoenas that are typicallyseen within the um healthcare
space?
SPEAKER_03 (14:37):
Sure.
Um so you know the one that Ithink everybody dreads is you
know, if you're underinvestigation for uh uh an
alleged false claims actviolation, um then I think you
can expect to see a CID issuedby uh the Department of Justice.
Um also, you know, stateattorneys general offices may
(15:02):
issue either a subpoena or aCID, just depending on on you
know what stage uh you may be inin litigation.
Um courts as well can issue uhsome civil subpoenas as part of
uh litigation that you might bea party to.
And then uh even if you're not aparty, uh you may receive
(15:23):
third-party subpoenas maybe froma regulatory agency that uh
perhaps they're um investigatinguh an entity that you've done
business with and they want tounderstand more about what uh
what transpired as part of thosetransactions.
So those are those are a few.
SPEAKER_01 (15:41):
Yeah, yeah.
I mean, and especially I wouldimagine for hospitals that uh
that license professionals, thenthere's all the professional
licensing bodies that that whenthey're investigating an
individual, then they might cometo the to the employer or
hospital to seeking records aspart of uh through a third-party
subpoena if necessary, um, youknow, things like that.
(16:05):
So Chris, um in your experience,what are best practices you have
employed when responding to asubpoena or a CID?
SPEAKER_02 (16:17):
So in general, when I receive a subpoena or a CID,
which I hopefully will neverreceive from the DOJ, although I
can't count your chickens.
Um I generally look at thesubpoena and try to ascertain
the scope and whether or notthis again, like your audits, is
it targeted or just general?
(16:38):
Am I the target of this subpoenaor am I a third party that the
government's just seekinginformation from?
Um so I look at the scope.
Does it seem overly broad?
Is it a narrowly focusedsubpoena?
And then I'm trying to ascertainwho within my organization do I
have to reach out to to get thatinformation.
(17:02):
So I'm thinking about who'sgoing to be on my team to help
pull together the informationthat's being requested.
Um, and then another thing I'mlooking at is are they
requesting PHI?
Because oftentimes then thatrequires another level of
scrutiny, not only on my end,but engaging outside council to
(17:25):
try to narrow the scope, maybe,or ensure that this governmental
request meets all the state andfederal requirements under HIPAA
for releasing medical records.
Um that's generally first stepsfrom my end.
Um in general, if I'm getting asubpoena for documents from a
(17:48):
federal agency, I of course amreaching out to outside counsel
to help me with that request,particularly if it's an if it's
a broad request.
Um, because my hope is that theywill be able to narrow it and
streamline that request.
unknown (18:05):
Yeah.
SPEAKER_03 (18:06):
Yeah, and I I I I'll just add one thing.
I think you know, Chris hit iton the head, convening the right
team, um, super important, uh,including you know who may be
the custodian of the recordsthat are being requested and
making sure that we um wepromptly get out some kind of a
preservation documentpreservation notice or memo or
(18:26):
or lid hold um so that you knowwe can we can keep those and and
respond.
SPEAKER_02 (18:34):
Yeah, I find that government the government
subpoenas that I have receivedseem to um the government has a
different idea of my documentinfrastructure.
Um they seem to assume that wehave an integrated document
management system, so I can justput out a litigation request
(18:55):
hold request and you know I canpull all the relevant
information quickly.
And although that may be true inmy organization with regards to
say emails or you know, the textmessages that are done through
our team system, we don't have adocument management system.
So I need to identifyindividuals who I think may have
(19:18):
responsive documents, reach outto them to see who they think
may have responsive documents,and then kind of do a broad
blast email explaining why Ineed you to preserve these
documents.
Um we were in receipt of asubpoena.
This is what I need you to do,and then field all the questions
that come back.
(19:39):
Right.
SPEAKER_01 (19:40):
Right.
I think it I think one of thethings you put you you commented
on, and like the government hasthese, has this like view of
what uh an entity's capabilitiesare.
And the other thing I think theyforget is you know, they'll
sometimes issue the its requestsand it's just it's a massively
long timeline.
And they forget the usertechnology, like you have to
(20:02):
call together.
Sometimes you might have hadlike a whole new system, you
might have a hospital might havebeen affiliated or acquired,
people come and go.
And so it's not just like easyto test you know, start the
three.
Everything's fine, you know,it's like you've got like so
many hurdles that um then haveto kind of be navigated through,
(20:22):
but also then like communicatedto the to the government and and
explained of like you know,mitigating expectations,
managing expectations on theirside, you know.
Um always a delicate delicatebalance.
Uh Ryan.
SPEAKER_02 (20:43):
I think that's particularly true when the
subpoenas are broad and they'reasking for information and your
IT team is throwing out wordsearches and you're getting
back, oh look, there are 10,000emails that fit in that is, and
it's you can't possibly searchthrough them all.
SPEAKER_01 (21:00):
Yeah.
So well, and then and then whenyou when there is that
expectation of of a broad ESI,you know, kind of trying to try
like it's just such anextraordinary cost burden for
organizations and trying to youknow really like show that to
the government when they're youknow, especially if it's a you
know, just it just feels like aneffort of utility sometimes.
(21:24):
But um, that's one of the youknow, it is it is a frustration
in dealing with the governmentbecause in in this type of space
where it it's very differentthan normal litigation, civil
litigation where discovery iskind of an equal playing field.
Um, you know, kind of there's akind of exchange of information.
(21:45):
Um in these types of scenarios,the posture is very different.
The government knows what it'sinformation it has, but as the
responding entity, you don'tknow what they have.
You don't know kind of whattheir you have a sense of, you
don't really know what theirconcerns are, and they hold all
the power.
Um, and so it's just it's extit's psychologically just very
(22:09):
and and and operationallyextremely frustrating in my in
my experience.
So um, Ryan, um you mentionedlitigation holds and and Chris
you did as well in our um in ourscenario that we kind of walked
through during our presentation,our healthcare, our exampler
(22:30):
healthcare entity, RitualHealth, did make some, let's
say, missteps in in issuing itslitigation hold following the
receipt of a subpoena from HHSORC.
Um can you both kind of weigh inon um you know like just factors
that and things that you need tothink through uh in approaching
(22:52):
the organization with alitigation hold?
SPEAKER_03 (22:57):
Sure.
I think um, you know, as Chrismentioned earlier, just the
biggest one of the biggestthings is just identifying who
the uh audience is and who isgonna have responsive documents.
Um you know, we don't want to beover-inclusive in notifying, you
know, everybody in theorganization that um that we
(23:20):
have this investigation goingon.
Um I think also uh just tryingto educate them a little bit on
on how it works and and the needto preserve those um you know
folks can get a little bitexcited um when they uh get a
(23:42):
notice like that.
Um and you know, you want to beable to try to curb water cooler
talk and and gossip and thingslike that.
And so just helping themunderstand um, you know, that
hey, this is part of business,but you know, we also need to
just kind of keep you know umkeep things confidential that
(24:06):
need to be cut confidential andand uh proceed that way.
SPEAKER_01 (24:10):
Yeah, it's like this this tightrope of like, I need
to give you enough informationso that you can make sure that
we're holding on to what we needto, but I don't want to give you
so much information to freak youout and cause complete chaos in
the organization.
Exactly.
Um so another thing that wetalked about in our breach well
(24:31):
scenario was that in thatscenario, OCR, as part of
subpoena issued interview umsubpoenas with some of the
employees.
Um, what are some considerationsum that um you kind of have to
keep in mind when you have thegovernment wanting to speak to
employees or other stakeholdersduring the course of an
(24:53):
investigation?
SPEAKER_02 (24:56):
So, my general rule of thumb, if the government
wants to interview my employeesto quickly loop in outside
counsel and be it outsidecounsel that is engaged to
represent that individualemployee specifically, and I, as
the employer, just kind ofpaying the bill and they have
(25:16):
that one-on-one relationshipwith the attorney or something
more general.
But I because employees, that'snot what this is not what they
do in their general course ofbusiness is get interviewed by
government officials, and itthey're very nervous, they want
to do anything possible to avoidit.
So engaging outside counsel tohelp walk them through the
(25:40):
process, um, prep them for anyinterview and be with them
during the interview, I think isintegral.
Um, it also gives me an ear towhat's being said and what's
being asked.
So I find that very important.
And since I'm not a litigator, Iand I don't deal with government
investigators on a regularbasis, thank goodness it's I
(26:02):
need outside counsel to do thatfor me.
Yeah, Ryan, you just have do youhave any other not really.
SPEAKER_03 (26:10):
I'll I'll echo everything that Chris just said.
Yeah.
SPEAKER_01 (26:13):
Yeah, I you know, I think it's like, you know, it's
so stressful to be interviewed,especially if it's if in a CID
or for there's some, you know,you've got a court reporter, or
if there's it's very formalizedand and whatnot.
Um and so there's it's helpfulto have outside counsel, some
counsel there with the employeeto just be an advocate for them
(26:36):
in the room.
Like even if it's unnecessary,my experience, the government is
you know, they're all decentpeople and they're not there to
beat up on the employees and umbehave pretty, you know,
respectfully.
Just knowing that there'ssomebody there on like to
advocate for you is veryhelpful.
Of course, it's very beneficialfor the organization to know
(26:56):
what questions were asked, kindof what the tone is, you know,
kind of what do they focus onand things like that.
SPEAKER_03 (27:02):
Well, I I will jump in just to say, you know, in my
experience, it has been helpfulto have the outside attorney,
and and I felt I've had maybesome value add in just being the
the trusted, you know, I havethe relationship with that
client.
And and so just uh I'm able atleast to reiterate um some of
what counsel's saying, and andyou know, the the advice I give
(27:25):
is general, um but it it'sgenerally, you know.
Um you want to be you don't wantto be hostile to the regulator
um coming in.
You also don't need to be superhelpful and and do their job for
them.
You don't need to offer them youknow more than what they're
asking for.
SPEAKER_01 (27:44):
Um I think my my two golden rules are be honest,
right?
Like I think it's you can neverunderestimate the power of
telling somebody we want you tobe honest, right?
Um, but also letting them knowyour your only obligation is to
answer the question asked.
So answer the question askedhonestly, and that's that's kind
(28:08):
of like the fundamental kind ofthing.
But but yeah, you know,definitely very helpful um space
to have outside counsel.
And you definitely don't want todo like our dear client did in
our um our example a case studyand just have the employees
interviewed without anyengagement prior uh by um
(28:30):
internal or external counsel.
So um I think that let's likethat's you know moving away from
our you know kind of controlledand um you know intense but
controlled enforcement actions.
Uh the last uh tool that wetalked about was search
(28:50):
warrants.
So I'm gonna turn that over toyou, Chris.
SPEAKER_02 (28:55):
Yeah, so search warrants can be a little more
stressful than the subpoenas orCIDs that you receive where you
have time to actually formulatea response versus a search
warrant.
Um they the individuals show upin person and they want to do
their searches at that time.
(29:17):
So search warrants generally canbe issued both by judicial or
administrative agencies.
Um they are supported byprobable cause, but they are
served during business hoursusually and in person.
So that and there's typically nonotice that you're going to be
served with a search warrant.
(29:39):
Um the only benefit to a searchwarrant warrant, unlike a CID or
a subpoena, is it is limited toin search to the person or place
that's identified in the searchwarrant on the time of the
search and the items to besearched.
So, Ryan, with all thatbackground, is in how Council,
(30:00):
what are your key practices whenyou're faced with a search
warrant?
SPEAKER_03 (30:06):
Yeah, you know, preparation is really the name
of the game.
Um, we've we've done a lot ofwork at Peace Health with
frontline employees andleadership, just educating them
on how to respond.
And we've got a bit of aplaybook.
Um and an important criticalpart of that playbook is you
(30:26):
know contacting legal as as soonas possible.
And we've gone so far as to uhset up actually a legal hotline
in our organization that thelegal department staffs uh 24-7.
SPEAKER_01 (30:43):
I think that's that's awesome.
You go, you you you're not aclinician, so you don't have to
be on call, but yet you you'reon call anyhow.
SPEAKER_02 (30:54):
So, Miriam, for in-house counsel, what what do
you think are should be ourimmediate actions upon receipt
of a search warrant?
SPEAKER_01 (31:04):
Well, um, certainly you want to look at that
warrant.
So you want to get thecredentials of the the
enforcement agents that arethere at the scene.
So, you know, you you want tomake sure you're professional,
you don't want to beobstructionist, but you also
like, you know, want to verifylike let me see your credentials
and that you I think I know thatyou are authorized to be here.
Let me look at the searchwarrant.
(31:26):
I want to see the issuing orderthat is giving the authority for
you to be here unannounced.
And then of course, becausethey're technically limited to
the scope of what is in thatsearch warrant, um, what is it?
And and and how do you make sureto kind of pen them in so that
they're not trying to push theboundaries of that?
(31:48):
Um and then I think, you know,let's all be honest, like you're
healthcare entities, you'reproviding care to patients.
And so you're also wanting tomake sure that you're working
with the team to make sure thatcare is not disruptive and the
and that the priority of yourorganization to be able to care
for people is not severelyinterrupted by this kind of
(32:10):
government um enforcementaction.
SPEAKER_02 (32:18):
Ryan, so what kind of instructions do you give your
employees regarding searchwarrants?
I mean, in addition to theirfirst call should be to the
legal hotline, it's gonna take awhile for that legal rep to show
up there.
So what kind of tools or techtricks are you giving them to
handle an impatient um lawenforcement officer who's
(32:42):
wanting to execute on his searchwarrant?
SPEAKER_03 (32:45):
Yeah, a lot of it uh is exactly what Miriam just
said.
You know, it's first andforemost remain calm and
professional.
Um ask for identification,verify who they are and ask for
their documentation, look atwhat they're needing to get at,
um, and and then getting that infront of counsel as as quickly
(33:08):
as possible so we can assess,you know, is this an
administrative subpoena or uhwarrant?
Is this a judicial searchwarrant?
Um, you know, and then once itis being executed, uh assuming
all that stuff kind of checksout, um then it's really you
(33:29):
know, for our our leaders ummore than our frontline staff to
um be there and to follow thelaw enforcement official, um,
you know, try to document asmuch as you can about what is
being collected and obtained anduh making a log of of what
they're taking and things likethat.
(33:52):
Um I will add, you know, uh Ithink Miriam touched on this as
well.
You know, maybe the case thatlaw enforcement officer just
isn't wanting to wait around umfor legal to to verify what he's
after and and um is perhaps youknow aggressive.
(34:12):
And and in those situations, ourour recommendation is you know,
we'll deal with the falloutlater, but but don't be you know
obstructionist, don't don't tryto intervene and and preclude
them from executing, um, becausebecause that can have some
pretty serious consequences aswell.
SPEAKER_01 (34:33):
Yeah, and that's where that's where that that
instruction to document is sohelpful.
Like you know, if you can, likeactually assigning one person,
like you're responsible for justwriting down, tracking what was
said, how is it responded, whatif what, you know.
So if you had that kind of pushyofficer who, you know, was just
(34:54):
gonna, you know, take care ofbusiness, that you're like
documenting kind of the dialogueof that there was a request to
wait for labeling or not, or ifthere is a an action that
exceeds the scope, you know,there's some documentation of
that they were alerted to thefact that they were exceeding
the scope and why, and then thefact that they continue to take
(35:17):
the process.
But it's it's obvious it's notgoing to help help the
organization to like get intoyou know a bull's match with um
executing officers.
As you said, it's better to kindof just make sure you document
it and deal with it in theaftermath and just be the one
who's who's being cooperative.
SPEAKER_02 (35:38):
So, in that case study we used at the AHLA
conference, a billing supervisordirected agents to files that
were not included in the warrantbecause she knew they were
likely responsive to theconcerns that were raised in the
warrant itself.
So, Ryan, give us your thoughtson what is the risk of when
(36:01):
employees expand the scope of asearch warrant.
SPEAKER_03 (36:05):
Yeah, I think whether it's you know expanding
the scope of a warrant or youknow, volunteering information
during uh an interview as partof a CID or subpoena, uh it's
really the risk is letting theproverbial camel's nose into the
tent, right?
Once once the camel's in there,um who knows what they're gonna
(36:27):
want to see in in addition towhat was in the warrant.
So um I I think making surestaff know to um, you know,
again, not be overly helpful umuh is is really important.
SPEAKER_01 (36:45):
Yeah, it's it's one of the it's like so against
human nature, right?
Like our nature is to like, wewant especially in the
healthcare world, right?
You're there to help people,like you know, and so so just
letting staff know, like, we'renot asking you to be a jerk,
we're not asking you to do this,but at the same time, don't do
the government's job for them.
They are asking you for specificthings or asking you these
(37:06):
questions, answer thosequestions, give them those
documents.
You don't have to do anythingmore than that.
And it's and it I think it'sreally hard to do in practice,
but it is I think it's alwaysgood to just remind people, you
know, like you know, you don'tyour good intention might have
some significant consequences,but just you know bring it in
(37:32):
for those types of things.
Dealing with challenges is whatyou guys do on a day-to-day
basis, right?
So um and you know, kind ofthinking about search warrants,
I think given the currentadministration's aggressive
stance, uh, shall we stay onimmigration?
I'm curious about how um yourorganizations are kind of
(37:55):
approaching um, you know, kindof being prepared for this
heightened level of enforcementfrom the federal government.
SPEAKER_02 (38:04):
So my organization, like Ryan's, we've instituted a
program where if if immigrationenforcement officials show up,
like any other legal enforcementofficial with a search warrant,
they're to immediately calllegal counsel.
Um, unlike Ryan's organization,I am it.
(38:24):
So it's either calling me orcalling risk management, and
staff have my cell phone numberto call me 24-7.
But we've also taken a lot ofefforts to distinguish what is
public space versus what isprivate space, um, so that we
can kind of restrain whereimmigration enforcement
(38:46):
officials may go.
Um, we want to try to keep themout of the patient face, the
patient spaces themselves.
Um, we've also educated staffquite a bit on that they have
the right to remain silent.
They don't have to be answeringquestions posed by immigration
enforcement officials or anylegal officials.
(39:08):
They can, you know, wait forlegal counsel to arrive.
Um, but they should not beobstructionists either.
And that doesn't mean we have toactively help them, we just
can't hinder a search.
So, but then staff has also beencautioned not to interfere with
(39:30):
what law enforcement chooses todo.
So if they want to blow past,don't physically obstruct them
from going into areas that wemay have told them other that
they should not be entering.
Um, and it's a lot of trainingstaff on what patient rights
are, what legal rights are, whatinformation we can disclose,
(39:53):
what information we can'tdisclose.
So it's been a lot of training.
Um, we do encourage them todocument all law enforcement
interactions, clearly write downif they're taking things, what
they're taking.
We do have surveillance camerasin the non-patient areas, so
they will be recording and wewould keep those surveillance
(40:13):
recordings.
SPEAKER_01 (40:14):
Yeah.
Yeah, so you know, a lot of thesame recommendations, um, but
definitely very, very front andcenter unfortunately right now
that uh so many organizationsare kind of struggling with.
So um, well, you know, I thinkwe've discussed various
(40:35):
enforcement tool tools and umand things.
Um is there any kind of lastminute kind of takeaways that
you wanted to share with theaudience?
SPEAKER_03 (40:47):
I'll say if I, you know, kind of boiling it down, I
think I think you've heard somethemes today, but I think you
know, when you receive uh anykind of of notice, you know,
from the government, um it'simportant to to acknowledge
receipt in a timely manner, toreally look and understand the
scope of it, um, you know, getit an extension if you need and
(41:11):
and you know really document uheverything and coordinate with
the right the right team and theright stakeholders.
SPEAKER_02 (41:19):
Chris?
Yeah, uh another key takeaway ismake sure your staff know to get
legal involved immediately whenany of these actions occur,
tools are used.
And when warranted, engageoutside counsel.
They can be your best friendswhen these situations arise.
SPEAKER_01 (41:37):
Yeah, yeah.
Um and and yeah, just kind oftalking about these things
before they happen.
Um, you know, you can't controlwhen you're going to receive an
enforcement action, um, but youcan control how prepared you are
to respond.
Um I want to thank both of youagain for your time, for your
(41:59):
expertise on these topics onlike working with me on putting
together that presentation.
Um, and Chris at the very lastminute being willing to jump in
when we had a last-minute umpanelist who couldn't come.
Um absolutely am fully ingratitude uh to you for that.
Being a co-presenter with bothof you was um highlight for me
(42:23):
this year at the in-houseprogram, which was fantastic.
And um, so we wanted to use thisopportunity to remind the
audience that next year'sin-house program and the ADLA
annual update is gonna be in NewYork City.
So, excellent conference,exceptional city.
(42:43):
I think it's gonna be epic.
Um, so hopefully everyone willbe able to um take advantage of
it.
And again, thank you both.
SPEAKER_03 (42:54):
Thank you, Miriam.
It was a pleasure.
SPEAKER_01 (42:56):
Thank you.
Thank you.
SPEAKER_00 (43:03):
If you enjoyed this episode, be sure to subscribe to
AHLA Speaking of Health Lawwherever you get your podcast.
For more information about AHLAand the educational resources
available to the health lawcommunity.
Visit americanhealthlaw.org andstay updated on breaking
healthcare industry news fromthe major media outlets with
AHLA's Health Law Daily Podcast,exclusively for AHLA
(43:24):
comprehensive members.
Subscribe and add this privatepodcast feed to your podcast
app.
Go to americanhealthlaw.orgslash daily podcast.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
CrimeLess: Hillbilly Heist
It’s 1996 in rural North Carolina, and an oddball crew makes history when they pull off America’s third largest cash heist. But it’s all downhill from there. Join host Johnny Knoxville as he unspools a wild and woolly tale about a group of regular ‘ol folks who risked it all for a chance at a better life. CrimeLess: Hillbilly Heist answers the question: what would you do with 17.3 million dollars? The answer includes diamond rings, mansions, velvet Elvis paintings, plus a run for the border, murder-for-hire-plots, and FBI busts.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com